Getting Started

Github Runner

  1. Apply for a nitro enclave machine on AWS.

  2. Configure the GitHub runner:

    1. Settings → Actions → Runners → New self-hosted runner

    2. Follow the instructions to configure the GitHub Runner

  3. Download the enclave image file (e.g. ata-build-rust-latest.eif)

  4. Download TEE Compile.

Github Action

Create tee_compile.yml under the project's .github/workflow directory.

name: TEE Compile

on:
  release:
    types: [published]

jobs:
  build:
    permissions: write-all
    runs-on: [self-hosted]
    steps:
    - name: Checkout
      uses: actions/checkout@v2
    - name: Build
      run: |
        tee-compile build -output release.tar -nitro ~/ata-build-rust-latest.eif
    - name: Release
      uses: softprops/action-gh-release@v1
      with:
        files: release.tar

Create the build.json file in the project.

{
        "language": "rust",
        "input": {
                "cmd": "cargo build",
                "vendor": "cargo fetch"
        },
        "output": {
                "files": ["target/debug/binary"]
        }
}

TEE Compile

TEE Compile is a compilation tool that runs within the Runner. It will be responsible for running the nitro enclave and performing the compilation, and generating the Attestation Report. It can be downloaded here.

PreviousTEE CompileNextVendorizing

Last updated